CVE-2026-1816

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVE-2026-1816 OTP Bypass in TEİAŞ's Mobile Application

Improper restriction of excessive authentication attempts vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Brute Force. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVE-2026-1816

TEİAŞ’s Mobile Application is affected by CVE-2026-1816: an improper restriction of excessive authentication attempts that enables brute-force attacks. Affected versions are 1.6.2 up to 1.13 (not inclusive). The CVSS 3.1 baseline is 6.3 (MEDIUM) with network attack vector, low privileges required...

EUVD-2026-31289

Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVE-2026-1815 Session Hijacking in TEİAŞ's Mobile Application

Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 before 1.13...

CVE-2026-1815

Insufficient session expiration vulnerability in Turkiye Electricity Transmission Corporation TEİAŞ Mobile Application allows Session Hijacking. This issue affects Mobile Application: from 1.6.2 before 1.13...

PT-2026-26637

A cross-site scripting XSS vulnerability has been reported to affect QuFTP Service. If a remote attacker gains an administrator account, they can then exploit the vulnerability to bypass security mechanisms or read application data. We have already fixed the vulnerability in the following version...

WordPress WooCommerce Infinite Scroll plugin <= 1.6.2 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin WooCommerce Infinite Scroll versions = 1.6.2...

CVE-2026-22519

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in BuddyDev MediaPress mediapress allows Stored XSS.This issue affects MediaPress: from n/a through = 1.6.2...

PT-2026-1969

Name of the Vulnerable Software and Affected Versions NextGEN Download Gallery versions through 1.6.2 Description The NextGEN Download Gallery software contains a flaw that could allow unauthorized retrieval of embedded sensitive data due to an exposure of sensitive system information to an...

PT-2025-44048

Name of the Vulnerable Software and Affected Versions InventoryGui versions 1.6.1-SNAPSHOT and earlier Description A flaw exists in InventoryGui that could allow item duplication when the experimental Bundle item feature is enabled on the server. This issue affects any plugin utilizing the...

CVE-2023-2058

A vulnerability was found in EyouCms up to 1.6.2. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /yxcms/index.php?r=admin/extendfield/mesedit=12=4 of the component HTTP POST Request Handler. The manipulation of the argument webico leads...

WordPress plugin WooCommerce Multivendor Marketplace SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection vulnerabili...

WordPress Import Export For WooCommerce plugin <= 1.6.2 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Import Export For WooCommerce versions = 1.6.2...

PT-2023-31665 · WordPress · Woocommerce Menu Extension

Name of the Vulnerable Software and Affected Versions: WooCommerce Menu Extension versions 1.6.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which leads to a Stored XSS vulnerability. This allows for the storage of malicious script...

DEBIAN-CVE-2023-0475

HashiCorp go-getter up to 1.6.2 and 2.1.1 is vulnerable to decompression bombs. Fixed in 1.7.0 and 2.2.0...

192.168.0.172 (=4.6.1), @attivio/suit (>=0.0.47 <=1.0.7) +76 more potentially affected by CVE-2021-23398 via react-bootstrap-table (>=1.6.2 <=4.3.1)

react-bootstrap-table NPM version =1.6.2, =0.0.47, =1.0.0, =0.3.1, =0.1.1, =1.21.0, =0.15.0-beta-1, =0.0.1, =1.14.3, =1.0.1, =1.0.70 and more Source cves: CVE-2021-23398 Source advisory: OSV:GHSA-2589-W6XF-983R...